services.neo4j.ssl.policies.<name>.allowKeyGeneration
Allows the generation of a private key and associated self-signed certificate. Only performed when both objects cannot be found for this policy. It is recommended to turn this off again after keys have been generated.
The public certificate is required to be duplicated to the
directory holding trusted certificates as defined by the
trustedDir option.
Keys should in general be generated and distributed offline by a trusted certificate authority and not by utilizing this mode.
- Type
boolean- Default
false- Declared
- <nixpkgs/nixos/modules/services/databases/neo4j.nix>